borg/drone-detector
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix jwt-token

Browse Source
This commit is contained in:
Alexander Borg
2025-09-17 20:07:13 +02:00
parent 5d61bb50ed
commit 726f931b74
2 changed files with 17 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
client/src/App.jsx
View File

@@ -2,6 +2,7 @@ import React from 'react';
import { BrowserRouter as Router, Routes, Route } from 'react-router-dom'; import { BrowserRouter as Router, Routes, Route } from 'react-router-dom';
import { Toaster } from 'react-hot-toast'; import { Toaster } from 'react-hot-toast';
import { AuthProvider } from './contexts/AuthContext'; import { AuthProvider } from './contexts/AuthContext';
import { MultiTenantAuthProvider } from './contexts/MultiTenantAuthContext';
import { SocketProvider } from './contexts/SocketContext'; import { SocketProvider } from './contexts/SocketContext';
import APP_CONFIG from './config/app'; import APP_CONFIG from './config/app';
import Layout from './components/Layout'; import Layout from './components/Layout';
@@ -18,9 +19,10 @@ import ProtectedRoute from './components/ProtectedRoute';
function App() { function App() {
return ( return (
<AuthProvider> <MultiTenantAuthProvider>
<SocketProvider> <AuthProvider>
<Router basename={APP_CONFIG.basePath}> <SocketProvider>
<Router basename={APP_CONFIG.basePath}>
<div className="App"> <div className="App">
<Toaster <Toaster
position="top-center" position="top-center"
@@ -81,6 +83,7 @@ function App() {
</Router> </Router>
</SocketProvider> </SocketProvider>
</AuthProvider> </AuthProvider>
</MultiTenantAuthProvider>
); );
} }

14
server/routes/debug.js
View File

@@ -87,21 +87,29 @@ router.get('/heartbeat-payloads', authenticateToken, MultiTenantAuth, async (req
const { limit = 50, offset = 0, device_id } = req.query; const { limit = 50, offset = 0, device_id } = req.query;
const whereClause = { const whereClause = {
raw_payload: { [Op.ne]: null }, raw_payload: { [Op.ne]: null }
tenant_id: req.user.tenant_id // 🔒 SECURITY: Filter by user's tenant
}; };
if (device_id) { if (device_id) {
whereClause.device_id = device_id; whereClause.device_id = device_id;
} }
// 🔒 SECURITY: Filter heartbeats by user's tenant using device relationship
const heartbeats = await Heartbeat.findAll({ const heartbeats = await Heartbeat.findAll({
where: whereClause, where: whereClause,
include: [{
model: Device,
as: 'device',
where: {
tenant_id: req.user.tenant_id
},
attributes: ['id', 'name', 'tenant_id']
}],
order: [['received_at', 'DESC']], order: [['received_at', 'DESC']],
limit: parseInt(limit), limit: parseInt(limit),
offset: parseInt(offset), offset: parseInt(offset),
attributes: [ attributes: [
'id', 'device_id', 'device_key', 'received_at', 'raw_payload', 'tenant_id' 'id', 'device_id', 'device_key', 'received_at', 'raw_payload'
] ]
}); });